Cybersecurity

Come on, NSA, it’s time to join the fight against Windows hacking

It’s no secret that hackers the world over target Windows vulnerabilities in order to wreak havoc, hold up data and networks for ransom, pull off money-making scams, and disrupt elections and the workings of democracy. They target Windows for a simple reason: volume. The operating system is on the vast majority of desktop and laptop computers worldwide.

Over the years, the U.S. National Security Agency (NSA) has unwittingly helped hackers in some of the world’s most dangerous and notoriously successful attacks by developing tools to exploit Windows security holes, rather than alert Microsoft to those vulnerabilities. Some of the tools have been leaked to hackers and used in massive attacks, including the EternalBlue cyber-exploit, which was used in the WannaCry global ransomware attack that affected computers in more than 150 countries and is estimated to have caused billions of dollars in damage.

The NSA may be changing its ways, but perhaps not completely. In mid-January, the agency alerted Microsoft to a severe Windows security breach rather than develop tools to exploit it. Microsoft patched the hole, and the world — and your computer and data — is now safer.